There Is No One Left On Debianâs Data Protection Team
Besides Debianâs aging bug tracker interface, another challenge as the Debian Linux distribution project begins 2026 is that all volunteers have left their Data Protection Team. The Debian Data Protection Team deals with General Data Protection Regulation (GDPR) issues and related data protection/privacy related matters⌠â Read more
Europeâs Public Institutions Are Quietly Ditching US Cloud Providers
European public institutions are quietly migrating away from American cloud providers and office software, driven less by policy ambitions in Brussels than by the mundane legal reality that GDPR-mandated risk assessments keep flagging the US CLOUD Act as an unacceptable threat to citizen data.
Austriaâs Federal Ministry for Economy, Energ ⌠â Read more
Still the #DigitalOmnibus :
Tech Policy says âWhat all of these changes point to is a shift away from empowering people and towards granting discretion to business. What makes the GDPR truly disruptive is that its rights-based approach puts power into the hands of data subjects, of people, and gives them tools to fight back against tech giants, powerful government agencies, and anyone else who uses their data to surveil, track or control them. In a broad sense, shifting towards a risk-based approach to digital regulation tends to allow discretion to powerful actors and creates a maze of loopholes, exemptions, and exceptions that all, ultimately, function as ways for powerful actors to avoid accountability.â
@accessnow.social@accessnow.social says âThe new Commissionâs decision to prioritize deregulation and securitization above all else is taking the EU in a dangerous direction; one where human rights, once seen as fundamental for the European project, are being sidelined. This will not make peopleâs lives easier, nor keep them safer. Rather it will transform the EU into a digital dystopia, and ultimately undermine the foundations of European democracy.â
To finish, we have #Macron. #Sovereignty? Nah, what he wants is:
- less regulation
- a âsmallerâ, ârisk-basedâ #GDPR
- postpone 1 year the #AIAct obligations for big tech
With a straight face, he recommends these anti-sovereingty measures as things that somehow will be good for our tech sovereigntyâŚ.
At least he puts emphasis on enforcing #DMA, and make sure that hyperscalers comply with it.
He also defends EU-first public procurement, but his examples are SAP and Mistral (and their non-interoperable solutions)âŚ
Finally, he things it is important to speed up AI adoption, going as far as saying that next year instead of a digital sovereignty summit weâll have an AI summitâŚ
No, not finally! To finish, he wants to âprotect the childrenâ! We all know where that one leadsâŚ
âTCFâ cookie consent popups violate GDPR; OSNews wants to stop using cookie popups too once we get enough Patreons
You may not have heard of the âTransparency & Consent Frameworkâ, but youâve most likely interacted with it, probably on a daily basis. The TCF is used by 80% of the internet to obtain âconsentâ from users to collect their data and share it among advertisers â you know, the cookie popups. In a landmark EU ru ⌠â Read more
Self-hosting my emails again: A few weeks in
A few weeks ago, I moved back to self-hosting my mail server after using Purelymail for three years. The decision wasnât about cost â itâs actually more expensive to rent a VPS â but about control, security, and data locality. My mails are now hosted in Europe, giving me more confidence in their privacy, and I can configure everything exactly as I want while ensuring compliance with GDPR. â Read more
Self-hosting my emails again
After three years with Purelymail, Iâm back at self-hosting my mail server. Not because itâs cheaper (itâs actually much pricier to pay for a VPS), but because my mails are now hosted in Europe (who knows what happens next in the USA), I have more control to configure things how I want, and I can comply with GDPR. â Read more
@Prologic@twtxt.net Looking at Threema because it is European with servers in Switzerland and it has GDPR conformity, among some other reasons.
↳
In-reply-to
»
(#jgewp6a) I'd like to see them fine me 2% of zero dollars
⤠Read More
83(4) GDPR sets forth fines of up to 10 million euros, or, in the case of an undertaking, up to 2% of its entire global turnover of the preceding fiscal year, whichever is higher.
Though I suppose it has to be the greater of the two. But I donât even have one euro to start with.
↳
In-reply-to
»
@prologic Do you have a link to some past discussion?
⤠Read More
@falsifian@www.falsifian.org The GDPR does not apply to the processing of data for a purely personal or household activity that is not connected to a professional or commercial activity.
@prologic@twtxt.net I have no specifics, only hopes. (I have seen some articles explaining the GDPR doesnât apply to a âpurely personal or household activityâ but I donât really know what that means.)
I donât know if itâs worth giving much thought to the issue unless either you expect to get big enough for the GDPR to matter a lot (I imagine making money is a prerequisite) or someone specifically brings it up. Unless you enjoy thinking through this sort of thing, of course.
↳
In-reply-to
»
(#5vbi2ea) @prologic I wouldn't want my client to honour delete requests. I like my computer's memory to be better than mine, not worse, so it would bug me if I remember seeing something and my computer can't find it.
⤠Read More
@prologic@twtxt.net Do you have a link to some past discussion?
Would the GDPR would apply to a one-person client like jenny? I seriously hope not. If someone asks me to delete an email they sent me, I donât think I have to honour that request, no matter how European they are.
I am really bothered by the idea that someone could force me to delete my private, personal record of my interactions with them. Would I have to delete my journal entries about them too if they asked?
Maybe a public-facing client like yarnd needs to consider this, but that also bothers me. I was actually thinking about making an Internet Archive style twtxt archiver, letting you explore past twts, including long-dead feeds, see edit histories, deleted twts, etc.
RT by @mind_booster: âBreaking: Meta Tracking Tools unlawful
In a groundbreaking decision in one of noybs 101 complaints, the Austrian Data Protection Authority decided that the use of Facebookâs tracking pixel directly violates the GDPR: https://noyb.eu/en/austrian-dsb-meta-tracking-tools-illegal?mtc=tw
âBreaking: Meta Tracking Tools unlawful
In a groundbreaking decision in one of noybs 101 complaints, the Austrian Data Protection Authority decided that the use of Facebookâs tracking pixel directly violates th ⌠â Read more
When you submit a GDPR request to American Express (Germany), you get an âEncrypted Mailâ (for which you have to log in again somewhere and set a password), which then contains two PDFs, one of which is full of screenshots of mainframe terminals. â Read more
Suggestion for the next #GDPR iteration: No landing pages allowed. Content must be served on the first request.
The easiest path to GDPR compliance: switch to a completely static website with no javascript, CGI, or CSS, and rotate the logs daily.
GDPR Hysteria ¡ Jacques Mattheij https://jacquesmattheij.com/gdpr-hysteria
Doc Searls Weblog ¡ GDPR will pop the adtech bubble https://blogs.harvard.edu/doc/2018/05/12/gdpr/